CN101382973A - Method for raising information safety for computer system and relevant apparatus thereof - Google Patents
Method for raising information safety for computer system and relevant apparatus thereof Download PDFInfo
- Publication number
- CN101382973A CN101382973A CNA2007101462949A CN200710146294A CN101382973A CN 101382973 A CN101382973 A CN 101382973A CN A2007101462949 A CNA2007101462949 A CN A2007101462949A CN 200710146294 A CN200710146294 A CN 200710146294A CN 101382973 A CN101382973 A CN 101382973A
- Authority
- CN
- China
- Prior art keywords
- computer system
- input signal
- comparative result
- bios
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
- Power Sources (AREA)
Abstract
The invention relates to a method for enhancing information security in a computer system. The method comprises the steps: an input signal is received; a start-up code is read; comparison is carried out between the input signal and the start-up code so as to generate a comparison result; and according to the comparison result, the working status of a basic input and output system of the computer system is controlled.
Description
Technical field
The present invention relates to a kind of method and relevant apparatus thereof that a computer system promotes information security that be used for, relate in particular to a kind of method and relevant apparatus thereof of avoiding the engineering mode (Crisis Mode) by Basic Input or Output System (BIOS) of personage intentionally to crack the problem that startup password causes.
Background technology
Computer system universal realized fast, informationized society easily, makes people can handle lot of data more efficiently, and enterprise also changes into one after another and adopts computer system to realize electronization.Therefore, information security more and more is much accounted of.
When a user desires to use a computer system,, after machine to be calculated system finishes in-cycle work, can use a computer earlier by the switch open power supply.For maintenance information safety, the user can prevent that the data of computer system are stolen by setting the modes such as login password of startup password or setting operation system.Login password with the setting operation system is an example, and when computer system power-on and after entering operating system, operating system can require the user to input user's title and password; If correct, then can use operating system; If incorrect, then can't use operating system.This mode can prevent that uncommitted user from entering operating system, is stolen with the data of avoiding computer system.Yet, some backdoor programs can be behind computer system power-on workaround system and the data of accessing computer system make information security leaky.Under comparing, the mode of the startup password of setting computer system is behind computer system power-on, and (BasicInput/Output System) requires the user to import startup password by Basic Input or Output System (BIOS); If correct, begin to carry out follow-up start step, as startup self-detection (Power on Self Test, POST), plug and play test (Plug and Play test), hardware configuration actions such as (HardwareConfiguration), to enter operating system; If incorrect, then Basic Input or Output System (BIOS) can require to re-enter password or shutdown.In other words, by setting startup password, before not entering operating system as yet, computer system will require the user to import startup password, thereby can avoid backdoor programs workaround system and the data of accessing computer system.
Therefore, the setting of startup password can increase the security of computer system, avoids the data of computer system to be stolen.Yet some situation needs the inspection of skipping over starting password, and for example the user forgets Password or the engineering staff carries out computing machine when maintenance.At this moment, can be by pulling out accumulator in the computer system with the record of the Basic Input or Output System (BIOS) of erasing, or enter engineering mode.Engineering mode is a kind of special operating mode in the Basic Input or Output System (BIOS), mainly provides the engineering staff to detect, upgrade, repair the usefulness of Basic Input or Output System (BIOS).When the power supply of computer system is unlocked, but Basic Input or Output System (BIOS) is not carried out before startup password checks as yet, the user can or import specific character string by a demo plant, enter engineering mode, to overhaul or to upgrade processing such as Basic Input or Output System (BIOS), detailed operational scenario please refer to Fig. 1.Fig. 1 is the known synoptic diagram that is used for a start flow process 10 of a computer system.Start flow process 10 comprises following steps:
Step 100: beginning.
Step 102: whether the power switch of judging computer system is unlocked.If then carry out step 104; If not, then continue to detect.
Step 104: judge whether computer system enters engineering mode.If then carry out step 106; If not, then carry out step 108.
Step 106: detect, upgrade, repair Basic Input or Output System (BIOS).
Step 108: judge whether computer system has set startup password.If have, then carry out step 110; If do not have, then carry out step 114.
Step 110: prompting also waits for that the user imports startup password, and carry out step 112.
Step 112: check the character string that is received by Basic Input or Output System (BIOS) and whether conform to default startup password.If then carry out step 114; If not, then carry out step 116.
Step 114: the boot program that carries out Basic Input or Output System (BIOS).
Step 116: finish.
From the above, after the power switch of computer system was unlocked, the user can be before computer system enters the boot program of Basic Input or Output System (BIOS), by demo plant or import specific character string, enter engineering mode, to detect, upgrade, to repair Basic Input or Output System (BIOS).In other words, before Basic Input or Output System (BIOS) is checked startup password, as long as the input specific character string can enter engineering mode.In this case, when if intentionally the personage desires to steal the data of computer system, even computer system has been set startup password, as long as can enter engineering mode, just can be by upgrading Basic Input or Output System (BIOS), skip the verification mechanism of (cracking) startup password, steal the data of computer system, may therefore cause the heavy losses of individual or enterprise.
In brief, computer system can be handled lot of data efficiently, to realize e-cooperative work.Yet, after the power switch of known computer system is unlocked, the user can be before computer system enters the boot program of Basic Input or Output System (BIOS), enter engineering mode and upgrade Basic Input or Output System (BIOS), to skip the verification mechanism of startup password, steal the data of computer system, cause the data of computer system to leak, influence information security.
Summary of the invention
Therefore, fundamental purpose of the present invention promptly is to provide a kind of method and relevant apparatus thereof that a computer system promotes information security that be used for.
The present invention discloses a kind of method that a computer system promotes information security that is used for, and described method comprises reception one input signal; Read one and start password; Relatively this input signal and this start password, to produce a comparative result; And, control the duty of a Basic Input or Output System (BIOS) of this computer system according to this comparative result.
The present invention also discloses a kind of electronic installation that a computer system promotes information security that is used for, and described electronic installation comprises a receiving element, is used for receiving an input signal; One reading unit is used for reading one and starts password; One comparing unit is coupled to this receiving element and this reading unit, is used for relatively this input signal and this startup password, to produce a comparative result; And a control module, be coupled to a Basic Input or Output System (BIOS) of this comparing unit and this computer system, be used for controlling the duty of this Basic Input or Output System (BIOS) according to this comparative result.
The present invention also discloses a kind of method that a computer system promotes information security that is used for, and described method comprises reception one power supply starting signal; After receiving this power supply starting signal, judge a safe class of this computer system; According to this safe class of this computer system, export a cue; After this cue of output, receive an input signal; Read one and start password; Relatively this input signal and this start password, to produce a comparative result; And, control the duty of a Basic Input or Output System (BIOS) of this computer system according to this safe class of this comparative result and this computer system.
The present invention also discloses a kind of electronic installation that a computer system promotes information security that is used for, and described electronic installation comprises one first receiving element, is used for receiving a power supply starting signal; One safe class judging unit is used for judging a safe class of this computer system after this first receiving element receives this power supply starting signal; One output unit is coupled to this safe class judging unit, is used for this safe class according to this computer system, exports a cue; One second receiving element is used for receiving an input signal after this output unit is exported this cue; One reading unit is used for reading one and starts password; One comparing unit is coupled to this second receiving element and this reading unit, is used for relatively this input signal and this startup password, to produce a comparative result; An and control module, be coupled to a Basic Input or Output System (BIOS) of this safe class judging unit, this comparing unit and this computer system, be used for this safe class according to this comparative result and this computer system, control the duty of this Basic Input or Output System (BIOS).
Description of drawings
Fig. 1 is the known synoptic diagram that is used for a start flow process of a computer system.
Fig. 2 is the synoptic diagram of the embodiment of the invention one flow process.
Fig. 3 is used for the functional-block diagram of an information security stiffening device of a computer system for the embodiment of the invention.
Fig. 4 is the functional-block diagram of an Application Example of the information security stiffening device of Fig. 3.
Fig. 5 is the synoptic diagram of the embodiment of the invention one flow process.
Fig. 6 is used for the synoptic diagram of a start flow process of a computer system for the embodiment of the invention.
Fig. 7 is used for the functional-block diagram of an information security stiffening device of a computer system for the embodiment of the invention.
Fig. 8 is the functional-block diagram of an Application Example of the information security stiffening device of Fig. 7.
The primary clustering symbol description:
10,60 start flow processs
20,50 flow processs
30,70 information security stiffening devices
300 receiving elements
302,708 reading units
304,710 comparing units
306,712 control modules
308,714 Basic Input or Output System (BIOS)s
700 first receiving elements
702 safe class judging units
704 output units
706 second receiving elements
400,802 keyboards
402,804 storage devices
404,806 counting units
406,808 caution unit
408,810 storeies
800 power switches
100,102,104,106,108,110,112,114,116,200,202,204,206,208,210,500,502,504,506,508,510,512,514,516,600,602,604,606,608,610,612,614,616 steps
Embodiment
Please refer to Fig. 2, Fig. 2 is the synoptic diagram of the embodiment of the invention one flow process 20.Flow process 20 is used for a computer system and promotes information security, and it comprises following steps:
Step 200: beginning.
Step 202: receive an input signal.
Step 204: read one and start password.
Step 206: relatively this input signal and this start password, to produce a comparative result.
Step 208:, control the duty of a Basic Input or Output System (BIOS) of this computer system according to this comparative result.
Step 210: finish.
According to flow process 20, the present invention receives the input signal that the user imported, and according to input signal and the comparative result that starts password, the duty of control Basic Input or Output System (BIOS).In other words, the present invention can judge earlier that whether input signal conforms to the startup password, and control subsequent operation according to this before Basic Input or Output System (BIOS) is started working, thus, can avoid personage intentionally to crack the problem that startup password causes by the engineering mode of Basic Input or Output System (BIOS).Preferably, input signal is that the keyboard by computer system receives, and starting password then is to obtain by a storage device that reads computer system.
In known technology, even Basic Input or Output System (BIOS) has been set startup password, but as long as by the certain validation device or import specific character string, the user can enter the engineering mode of Basic Input or Output System (BIOS), and then the renewal Basic Input or Output System (BIOS), to crack the verification mechanism of startup password.Under comparing, in the present invention, after flow process 20 was the verification mechanism of input signal by the startup password of inputing the user, computer system was just entered Basic Input or Output System (BIOS).Thus, as long as starting password is not stolen, even intentionally the personage has obtained demo plant or the character string that is used for entering engineering mode, the present invention still can be by starting the verification mechanism of password, avoid uncommitted user to open computer system, thereby the data that prevent computer system are stolen, and avoid causing the heavy losses of individual or enterprise.
It should be noted that flow process 20 is embodiments of the invention, those of ordinary skills should make different variations or modification in view of the above.For instance, in step 208, when conforming to the startup password, then can carry out the boot program of Basic Input or Output System (BIOS), as operations such as startup self-detection, plug and play test and hardware configuration as if the input signal that computer system received; On the contrary, if the input signal that computer system received does not conform to the startup password, then can carry out the shutdown programm of Basic Input or Output System (BIOS).Further, when the input signal that computer system received does not conform to the startup password, the present invention also can add up input signal and start the number of times that password does not conform to, and at input signal and when starting number of times that password do not conform to greater than a preset value, export an alarm signal, as sound or flashing light etc.; Perhaps, input signal is write down with starting the information that password do not conform to, as time of origin etc., with the legal user of facility inquire about in the future, the usefulness of reference.
Therefore, flow process 20 is before computer system does not enter Basic Input or Output System (BIOS) as yet, starts the verification mechanism of password, opens computer system to avoid uncommitted user, thereby the data that prevent computer system are stolen, and avoid causing the heavy losses of individual or enterprise.Implementation about flow process 20 please refer to Fig. 3.Fig. 3 is used for the functional-block diagram of an information security stiffening device 30 of a computer system for the embodiment of the invention.Information security stiffening device 30 is in order to promoting the information security of computer system, and it is built in the keyboard controller of computer system in preferably.Information security stiffening device 30 includes a receiving element 300, a reading unit 302, a comparing unit 304 and a control module 306.Receiving element 300 is used for receiving an input signal, and reading unit 302 is used for reading one and starts password.Comparing unit 304 is coupled to receiving element 300 and reading unit 302, be used for comparator input signal with start password, to produce a comparative result.Control module 306 be coupled to a comparing unit 304 and a Basic Input or Output System (BIOS) 308 between, be used for the comparative result exported according to comparing unit 304, the duty of control Basic Input or Output System (BIOS) 308.
Therefore, in information security stiffening device 30, comparing unit 304 can compare the obtained startup password of input signal that receiving element 300 received and reading unit 302, and control module 306 is then according to the comparative result of comparing unit 304, the duty of control Basic Input or Output System (BIOS) 308.In other words, information security stiffening device 30 can judge that by control module 306 whether input signal conforms to the startup password, and control the work of Basic Input or Output System (BIOS) 308 according to this before Basic Input or Output System (BIOS) 308 is started working.For example, when if the input signal that received of receiving element 300 and reading unit 302 obtained startup passwords conform to, then control module 306 may command Basic Input or Output System (BIOS)s 308 are carried out boot program, as operations such as startup self-detection, plug and play test and hardware configuration; On the contrary, if the input signal that received of receiving element 300 and reading unit 302 obtained startup passwords do not conform to, control module 306 may command Basic Input or Output System (BIOS)s 308 execution shutdown programms then.Thus, can avoid personage intentionally to crack the problem of startup password by the engineering mode of Basic Input or Output System (BIOS) 308.
It should be noted that information security stiffening device shown in Figure 3 30 is embodiments of the invention, those of ordinary skills should make different variations or modification in view of the above.For instance, please refer to Fig. 4, Fig. 4 is used for the Application Example of information security stiffening device 30 of key diagram 3.In Fig. 4, information security stiffening device 30 also is coupled to a keyboard 400, a storage device 402, a counting unit 404, a caution unit 406 and a storer 408.Keyboard 400 is coupled to receiving element 300, is used for receiving the input signal that the user imports, input signal is sent to receiving element 300.Storage device 402 is coupled to reading unit 302, is used for storing the startup password.Counting unit 404 is coupled to comparing unit 304, is used for adding up input signal and starts the number of times that password does not conform to.Caution unit 406 is coupled to counting unit 404, is used for count results according to counting unit 404, and the number of times that the input signal that is received at receiving element 300 and startup password do not conform to is exported an alarm signal, as sound, flashing light etc. during greater than a preset value.Storer 408 is coupled to comparing unit 304, be used for write input with start the information that password does not conform to, as time of origin, number of times etc.Therefore, when input signal that computer system received when starting password and not conforming to, counting unit 404 can be added up input signal and be started the number of times that password does not conform to, and at input signal and when starting number of times that password do not conform to greater than a preset value, by caution unit 406 output alarm signals, as sound or flashing light etc.Simultaneously, storer 408 can with input signal with start the information that password do not conform to and write down, as time of origin etc., with the legal user of facility inquire about in the future, the usefulness of reference.
In known technology, even Basic Input or Output System (BIOS) has been set startup password, but as long as by the certain validation device or import specific character string, the user can enter the engineering mode of Basic Input or Output System (BIOS), and then the renewal Basic Input or Output System (BIOS), to crack the verification mechanism of startup password.Under comparing,, after computer system is the verification mechanism of input signal by the startup password of inputing the user, just can carry out the workflow of Basic Input or Output System (BIOS) by information security stiffening device 30 of the present invention.Thus, as long as starting password is not stolen, even intentionally the personage has obtained demo plant or the character string that is used for entering engineering mode, information security stiffening device 30 still can be by starting the verification mechanism of password, avoid uncommitted user to open computer system, thereby the data that prevent computer system are stolen, and avoid causing the heavy losses of individual or enterprise.
Please refer to Fig. 5, Fig. 5 is the synoptic diagram of the embodiment of the invention one flow process 50.Flow process 50 is used for a computer system and promotes information security, and it comprises following steps:
Step 500: beginning.
Step 502: receive a power supply starting signal.
Step 504: after receiving this power supply starting signal, judge a safe class of this computer system.
Step 506:, export a cue according to this safe class of this computer system.
Step 508: after this cue of output, receive an input signal.
Step 510: read one and start password.
Step 512: relatively this input signal and this start password, to produce a comparative result.
Step 514:, control the duty of a Basic Input or Output System (BIOS) of this computer system according to this safe class of this comparative result and this computer system.
Step 516: finish.
In flow process 50, after computer system received power supply starting signal, the power switch of expression computer system was activated.After computer system was unlocked, flow process 50 can be judged the safe class of computer system, and exports a cue according to this, to point out a cryptoguard information, requires the user to key in input signal.Then, flow process 50 can read the startup password of computer system, and compares with the input signal that is received, to produce comparative result.At last, flow process 50 is controlled the duty of Basic Input or Output System (BIOS) according to the safe class of comparative result and computer system.In other words, flow process 50 is after computer system is unlocked, but before Basic Input or Output System (BIOS) do not work as yet, the prompting user inputed password, starting the verification mechanism of password, and controls subsequent operation according to this.Thus, can avoid personage intentionally to crack the problem that startup password causes by the engineering mode of Basic Input or Output System (BIOS).Preferably, input signal system receives by a keyboard of computer system, and starting password then is to obtain by a storage device that reads computer system.
Therefore, after computer system was opened, flow process 50 just entered Basic Input or Output System (BIOS) after being the verification mechanism of input signal by the startup password of inputing the user.Thus, as long as starting password is not stolen, even intentionally the personage has obtained demo plant or the character string that is used for entering engineering mode, the present invention still can be by starting the verification mechanism of password, avoid uncommitted user to open computer system, thereby the data that prevent computer system are stolen, and avoid causing the heavy losses of individual or enterprise.
It should be noted that flow process 50 is embodiments of the invention, those of ordinary skills should make different variations or modification in view of the above.For instance, in step 506, the cue of being exported when computer system is started cryptoguard can be signals such as light, sound.In addition; step 514 can have following three kinds of embodiments: the first, if computer system is started cryptoguard; and when the input signal that computer system received conforms to the startup password; then carry out the boot program of Basic Input or Output System (BIOS), as startup self-detection, plug and play test and hardware configuration etc.The second, if computer system is started cryptoguard, and the input signal that computer system received and startup password are then carried out the shutdown programm of Basic Input or Output System (BIOS) when not conforming to.Three, if computer system is started cryptoguard, then directly carry out the boot program of Basic Input or Output System (BIOS).On the other hand, when if the input signal that computer system received does not conform to the startup password, the present invention also can add up input signal and start the number of times that password does not conform to, and at input signal and when starting number of times that password do not conform to greater than a preset value, export an alarm signal, as sound or flashing light etc.; Perhaps, input signal is write down with starting the information that password do not conform to, as time of origin etc., with the legal user of facility inquire about in the future, the usefulness of reference.
Above-mentioned explanation can be summarized in a start flow process 60, as shown in Figure 6.Start flow process 60 is designed according to flow process 50, is used for a computer system and strengthens information security, and it comprises following steps:
Step 600: beginning.
Step 602: whether the power switch of judging computer system is unlocked.If then carry out step 604; If not, then continue to detect.
Step 604: judge that computer system is started cryptoguard.If then carry out step 606; If not, then carry out step 614.
Step 606: export a cue, import input signal to require the user.
Step 608: receive the input signal that the user imported.
Step 610: read the startup password.
Step 612: judge whether the input signal that the user inputs conforms to the startup password.If then carry out step 614; If not, then carry out step 616.
Step 614: the boot program that carries out Basic Input or Output System (BIOS).
Step 616: the shutdown programm that carries out Basic Input or Output System (BIOS).
As from the foregoing, after computer system was unlocked, start flow process 60 can judge whether computer system is started cryptoguard.If computer system is started cryptoguard, then export a cue, key in input signal to require the user; On the contrary, if computer system is started cryptoguard, then directly carry out the boot program of Basic Input or Output System (BIOS).Then, start flow process 60 can read the startup password of computer system, and compares with the input signal that is received.If input signal conforms to the startup password, then carry out the boot program of Basic Input or Output System (BIOS); On the contrary, if input signal does not conform to the startup password, then carry out the shutdown programm of Basic Input or Output System (BIOS).In other words, start flow process 60 is after computer system is unlocked, but before Basic Input or Output System (BIOS) do not work as yet, the prompting user inputed password, starting the verification mechanism of password, and controls subsequent operation according to this.Thus, can avoid personage intentionally to crack the problem that startup password causes by the engineering mode of Basic Input or Output System (BIOS).
Hardware about the flow process 50 of Fig. 5 is realized, please refer to Fig. 7.Fig. 7 is used for the functional-block diagram of an information security stiffening device 70 of a computer system for the embodiment of the invention.Information security stiffening device 70 is in order to promoting the information security of computer system, and it is built in the keyboard controller of computer system in preferably.Information security stiffening device 70 includes one first receiving element 700, a safe class judging unit 702, an output unit 704, one second receiving element 706, a reading unit 708, a comparing unit 710 and a control module 712.First receiving element 700 is used for receiving a power supply starting signal, and safe class judging unit 702 then after first receiving element 700 receives power supply starting signal, is judged a safe class of computer system.Output unit 704 is coupled to safe class judging unit 702, is used for safe class according to computer system, exports a cue, to point out a cryptoguard information, requires the user to key in input signal.Second receiving element 706 is used for receiving an input signal after output unit 704 output cues, and reading unit 708 then is used for reading one and starts password.Comparing unit 710 is coupled to second receiving element 706 and reading unit 708, be used for comparator input signal with start password, to produce a comparative result.712 of control modules are coupled to safe class judging unit 702, comparing unit 710 and a Basic Input or Output System (BIOS) 714, be used for the comparative result exported according to comparing unit 710 and the judged result of safe class judging unit 702, the duty of control Basic Input or Output System (BIOS) 714.
In information security stiffening device 70, safe class judging unit 702 can be judged the safe class of computer system, 710 of comparing units can compare input signal and start password, control module 712 is controlled the duty of Basic Input or Output System (BIOS) 714 then according to the safe class of computer system and the comparative result of input signal and startup password.In other words, if computer system is started cryptoguard, then after computer system is unlocked; but before Basic Input or Output System (BIOS) 714 is not worked as yet; information security stiffening device 70 can the prompting users be inputed password, starting the verification mechanism of password, and controls subsequent operation according to this.Thus, as long as starting password is not stolen, even intentionally the personage has obtained demo plant or the character string that is used for entering engineering mode, information security stiffening device 70 still can be by starting the verification mechanism of password, avoid uncommitted user to open computer system, thereby the data that prevent computer system are stolen, and avoid causing the heavy losses of individual or enterprise.
It should be noted that information security stiffening device 70 shown in Figure 7 is the functional-block diagram of the embodiment of the invention, those of ordinary skills should make different variations or modification in view of the above.For instance, output unit 704 can be a light emitting diode, is used for producing wigwag, or loudspeaker, is used for producing voice signal.In addition; control module 712 can have following three kinds of embodiments: the first, if computer system is started cryptoguard; and when the input signal that computer system received conforms to the startup password; then carry out the boot program of Basic Input or Output System (BIOS), as startup self-detection, plug and play test and hardware configuration etc.The second, if computer system is started cryptoguard, and the input signal that computer system received and startup password are then carried out the shutdown programm of Basic Input or Output System (BIOS) when not conforming to.Three, if computer system is started cryptoguard, then directly carry out the boot program of Basic Input or Output System (BIOS).
In addition, please refer to Fig. 8, Fig. 8 is used for the Application Example of information security stiffening device 70 of key diagram 7.In Fig. 8, information security stiffening device 70 also is coupled to a power switch 800, a keyboard 802, a storage device 804, a counting unit 806, a caution unit 808 and a storer 810.Power switch 800 is coupled to first receiving element 700, is used for producing power supply starting signal.Keyboard 802 is coupled to second receiving element 706, is used for receiving the input signal that the user imports, input signal is sent to second receiving element 706.Storage device 804 is coupled to reading unit 708, is used for storing the startup password.Counting unit 806 is coupled to control module 712, is used for adding up input signal and starts the number of times that password does not conform to.Caution unit 808 is coupled to counting unit 806, be used for count results according to counting unit 806, the input signal that is received at second receiving element 706 is exported an alarm signal, as sound, flashing light etc. when starting number of times that password do not conform to greater than a preset value.Storer 810 is coupled to control module 712, be used for write input with start the information that password does not conform to, as time of origin, number of times etc.Therefore, when input signal that computer system received when starting password and not conforming to, counting unit 806 can be added up input signal and be started the number of times that password does not conform to, and at input signal and when starting number of times that password do not conform to greater than a preset value, by caution unit 808 output alarm signals, as sound or flashing light etc.Simultaneously, storer 810 can with input signal with start the information that password do not conform to and write down, as time of origin etc., with the legal user of facility inquire about in the future, the usefulness of reference.
In known technology, even Basic Input or Output System (BIOS) has been set startup password, but as long as by the certain validation device or import specific character string, the user can enter the engineering mode of Basic Input or Output System (BIOS), and then the renewal Basic Input or Output System (BIOS), to crack the verification mechanism of startup password.Under comparing, in the present invention, after computer system is the verification mechanism of input signal by the startup password of inputing the user, just can carry out the workflow of Basic Input or Output System (BIOS).Thus, as long as starting password is not stolen, even intentionally the personage has obtained demo plant or the character string that is used for entering engineering mode, the present invention still can be by starting the verification mechanism of password, avoid uncommitted user to open computer system, thereby the data that prevent computer system are stolen, and avoid causing the heavy losses of individual or enterprise.
In sum, the present invention can effectively strengthen the information security of computer system, prevents that the data of computer system are stolen, and avoids causing the loss of individual or enterprise.
The above only is preferred embodiment of the present invention, and all equivalent variations and modifications of being done according to claims scope of the present invention all should belong to covering scope of the present invention.
Claims (28)
1. one kind is used for the method that a computer system promotes information security, and described method comprises:
Receive an input signal;
Read one and start password;
More described input signal and described startup password are to produce a comparative result; And
According to described comparative result, control the duty of a Basic Input or Output System (BIOS) of described computer system.
2. the method for claim 1, wherein the step of duty of controlling the described Basic Input or Output System (BIOS) of described computer system according to described comparative result is when described comparative result shows that described input signal conforms to described startup password, controls described Basic Input or Output System (BIOS) and carries out a boot program.
3. the method for claim 1, wherein the step of duty of controlling the described Basic Input or Output System (BIOS) of described computer system according to described comparative result is when described comparative result shows that described input signal does not conform to described startup password, control described Basic Input or Output System (BIOS) and carry out a shutdown programm, so that described computer system is shut down.
4. the method for claim 1, also being included in described comparative result shows when described input signal does not conform to described startup password, add up the number of times that described input signal and described startup password do not conform to, and the number of times that does not conform at described input signal and described startup password is exported an alarm signal during greater than a preset value.
5. the method for claim 1 also is included in described comparative result and shows when described input signal does not conform to described startup password, writes down the information of described comparative result.
6. one kind is used for the electronic installation that a computer system promotes information security, and described electronic installation comprises:
One receiving element is used for receiving an input signal;
One reading unit is used for reading one and starts password;
One comparing unit is coupled to described receiving element and described reading unit, is used for more described input signal and described startup password, to produce a comparative result; And
One control module is coupled to a Basic Input or Output System (BIOS) of described comparing unit and described computer system, is used for controlling the duty of described Basic Input or Output System (BIOS) according to described comparative result.
7. electronic installation as claimed in claim 6, wherein said control module are used for controlling described Basic Input or Output System (BIOS) and carrying out a boot program when described comparative result shows that described input signal conforms to described startup password.
8. electronic installation as claimed in claim 6, wherein said control module is used for when described comparative result shows that described input signal does not conform to described startup password, control described Basic Input or Output System (BIOS) and carry out a shutdown programm, so that described computer system is shut down.
9. electronic installation as claimed in claim 6 also comprises:
One counting unit is coupled to described comparing unit, is used for when described comparative result shows that described input signal does not conform to described startup password, adds up the number of times that described input signal and described startup password do not conform to; And
One caution unit is coupled to described counting unit, is used for the number of times that do not conform at described input signal and described startup password during greater than a preset value, exports an alarm signal.
10. electronic installation as claimed in claim 6 also comprises:
One storer is coupled to described comparing unit, is used for writing down the information of described comparative result when described comparative result shows that described input signal does not conform to described startup password.
11. electronic installation as claimed in claim 6 is built in the described electronic installation in the keyboard controller of described computer system.
12. one kind is used for the method that a computer system promotes information security, described method comprises:
Receive a power supply starting signal;
After receiving described power supply starting signal, judge a safe class of described computer system;
According to the described safe class of described computer system, export a cue;
After the described cue of output, receive an input signal;
Read one and start password;
More described input signal and described startup password are to produce a comparative result; And
According to the described safe class of described comparative result and described computer system, control the duty of a Basic Input or Output System (BIOS) of described computer system.
13. being the power switches by described computer system, method as claimed in claim 12, the step that wherein receives described power supply starting signal receive described power supply starting signal.
14. method as claimed in claim 12; wherein the step of exporting described cue according to the described safe class of described computer system is when described computer system is subjected to described startup cryptoguard; export described cue, to point out a cryptoguard information.
15. method as claimed in claim 12; wherein the step of duty of controlling the described Basic Input or Output System (BIOS) of described computer system according to the described safe class of described comparative result and described computer system is to be subjected to described startup cryptoguard in described computer system; and described comparative result shows when described input signal conforms to described startup password, controls described Basic Input or Output System (BIOS) and carry out a boot program.
16. method as claimed in claim 12; wherein the step of duty of controlling the described Basic Input or Output System (BIOS) of described computer system according to the described safe class of described comparative result and described computer system is to be subjected to described startup cryptoguard in described computer system; and described comparative result shows when described input signal does not conform to described startup password; control described Basic Input or Output System (BIOS) and carry out a shutdown programm, so that described computer system is shut down.
17. method as claimed in claim 12; wherein the step of duty of controlling the described Basic Input or Output System (BIOS) of described computer system according to the described safe class of described comparative result and described computer system is when described computer system is not subjected to described startup cryptoguard, controls described Basic Input or Output System (BIOS) and carries out a boot program.
18. method as claimed in claim 12, also being included in described comparative result shows when described input signal does not conform to described startup password, add up the number of times that described input signal and described startup password do not conform to, and the number of times that does not conform at described input signal and described startup password is exported an alarm signal during greater than a preset value.
19. method as claimed in claim 12 also is included in described comparative result and shows when described input signal does not conform to described startup password, writes down the information of described comparative result.
20. one kind is used for the electronic installation that a computer system promotes information security, described electronic installation comprises:
One first receiving element is used for receiving a power supply starting signal;
One safe class judging unit is used for judging a safe class of described computer system after described first receiving element receives described power supply starting signal;
One output unit is coupled to described safe class judging unit, is used for described safe class according to described computer system, exports a cue;
One second receiving element is used for receiving an input signal after described output unit is exported described cue;
One reading unit is used for reading one and starts password;
One comparing unit is coupled to described second receiving element and described reading unit, is used for more described input signal and described startup password, to produce a comparative result; And
One control module, be coupled to a Basic Input or Output System (BIOS) of described safe class judging unit, described comparing unit and described computer system, be used for described safe class according to described comparative result and described computer system, control the duty of described Basic Input or Output System (BIOS).
21. electronic installation as claimed in claim 20, wherein said first receiving element are a power switch that is coupled to described computer system.
22. when electronic installation as claimed in claim 20, wherein said output unit are subjected to described startup cryptoguard in described computer system, export described cue, to point out a cryptoguard information.
23. electronic installation as claimed in claim 20; wherein said control module is used for being subjected to described startup cryptoguard in described computer system; and described comparative result shows when described input signal conforms to described startup password, controls described Basic Input or Output System (BIOS) and carry out a boot program.
24. electronic installation as claimed in claim 20; wherein said control module is used for being subjected to described startup cryptoguard in described computer system; and described comparative result shows when described input signal does not conform to described startup password; control described Basic Input or Output System (BIOS) and carry out a shutdown programm, so that described computer system is shut down.
25. electronic installation as claimed in claim 20, wherein said control module are used for controlling described Basic Input or Output System (BIOS) and carrying out a boot program when described computer system is not subjected to described startup cryptoguard.
26. electronic installation as claimed in claim 20 also comprises:
One counting unit is coupled to described comparing unit, is used for when described comparative result shows that described input signal does not conform to described startup password, adds up the number of times that described input signal and described startup password do not conform to; And
One caution unit is coupled to described counting unit, is used for the number of times that do not conform at described input signal and described startup password during greater than a preset value, exports an alarm signal.
27. electronic installation as claimed in claim 20 also comprises:
One storer is coupled to described comparing unit, is used for writing down the information of described comparative result when described comparative result shows that described input signal does not conform to described startup password.
28. electronic installation as claimed in claim 20 is built in the described electronic installation in the keyboard controller of described computer system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101462949A CN101382973A (en) | 2007-09-03 | 2007-09-03 | Method for raising information safety for computer system and relevant apparatus thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101462949A CN101382973A (en) | 2007-09-03 | 2007-09-03 | Method for raising information safety for computer system and relevant apparatus thereof |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010194773A Division CN101847191A (en) | 2007-09-03 | 2007-09-03 | Method for improving information security in computer system and relevant device thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101382973A true CN101382973A (en) | 2009-03-11 |
Family
ID=40462810
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101462949A Pending CN101382973A (en) | 2007-09-03 | 2007-09-03 | Method for raising information safety for computer system and relevant apparatus thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101382973A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102479302A (en) * | 2010-11-24 | 2012-05-30 | 鸿富锦精密工业(深圳)有限公司 | Password protection system and method |
| CN104615938A (en) * | 2015-02-25 | 2015-05-13 | 山东超越数控电子有限公司 | Power-on authentication method based on solid-state hard disk drive |
| CN107528978A (en) * | 2017-08-30 | 2017-12-29 | 深圳天珑无线科技有限公司 | Verification method, checking system and electronic equipment |
| CN108021816A (en) * | 2017-12-05 | 2018-05-11 | 广东欧珀移动通信有限公司 | Test method, device, storage medium and the electronic equipment of electronic equipment |
| CN108132796A (en) * | 2018-01-10 | 2018-06-08 | 吉利汽车研究院(宁波)有限公司 | The upgrade method and device of a kind of combination instrument |
-
2007
- 2007-09-03 CN CNA2007101462949A patent/CN101382973A/en active Pending
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102479302A (en) * | 2010-11-24 | 2012-05-30 | 鸿富锦精密工业(深圳)有限公司 | Password protection system and method |
| CN104615938A (en) * | 2015-02-25 | 2015-05-13 | 山东超越数控电子有限公司 | Power-on authentication method based on solid-state hard disk drive |
| CN107528978A (en) * | 2017-08-30 | 2017-12-29 | 深圳天珑无线科技有限公司 | Verification method, checking system and electronic equipment |
| CN108021816A (en) * | 2017-12-05 | 2018-05-11 | 广东欧珀移动通信有限公司 | Test method, device, storage medium and the electronic equipment of electronic equipment |
| CN108132796A (en) * | 2018-01-10 | 2018-06-08 | 吉利汽车研究院(宁波)有限公司 | The upgrade method and device of a kind of combination instrument |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100547549C (en) | Carry out the system and method for secure operating system guiding from the password protection hard disk | |
| US20090064316A1 (en) | Method and Apparatus for Enhancing Information Security in a Computer System | |
| JP2013242868A (en) | Password management device, password management system of the same, and management method of the same | |
| CN101382973A (en) | Method for raising information safety for computer system and relevant apparatus thereof | |
| US6615356B1 (en) | System and method for controlling a system power supply using a password | |
| RU2013135240A (en) | METHOD AND DEVICE FOR MANAGING ACCESS TO COMPUTER SYSTEM | |
| CN107678875B (en) | Fault detection and automatic repair method, device, terminal and storage medium | |
| US20090006857A1 (en) | Method and apparatus for starting up a computing system | |
| US7275257B1 (en) | Remote controlled computer system and method of operating the same | |
| CN105279460A (en) | Method and device for starting USB (Universal Serial Bus) debugging mode interface, and terminal | |
| CN106250747B (en) | Information processing method and electronic equipment | |
| CN101751519B (en) | Method for improving information security of computer system and relative computer system thereof | |
| CN105005721A (en) | Computer authorization starting control system and method based on computer starting key | |
| EP3428820B1 (en) | Terminal voice unlocking method and terminal | |
| CN108628242A (en) | A kind of machine tool encryption and decryption and authorization method based on PLC control platforms | |
| CN101847191A (en) | Method for improving information security in computer system and relevant device thereof | |
| US20090037715A1 (en) | Fingerprint reader resetting system and method | |
| US20120304264A1 (en) | Key protecting method and a computing apparatus | |
| CN111967025A (en) | Method, device, equipment and storage medium for encrypting and protecting server starting option | |
| CN106406674A (en) | Mobile terminal application starting method and device | |
| CN111625795A (en) | Login authentication system and method based on finger veins | |
| CN101169813B (en) | Computer system and control method thereof, and remote control system | |
| TWI430133B (en) | Biosensing boot apparatus, boot management system controlled by biometric sensor and method thereof | |
| CN200994142Y (en) | Identity verifying start device | |
| CN113158163A (en) | Computer system and user identity identification method and system thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20090311 |